CN107609359B - For protecting the method and system of software - Google Patents

For protecting the method and system of software Download PDF

Info

Publication number
CN107609359B
CN107609359B CN201710917542.9A CN201710917542A CN107609359B CN 107609359 B CN107609359 B CN 107609359B CN 201710917542 A CN201710917542 A CN 201710917542A CN 107609359 B CN107609359 B CN 107609359B
Authority
CN
China
Prior art keywords
feature
characteristic
type
software
detection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710917542.9A
Other languages
Chinese (zh)
Other versions
CN107609359A (en
Inventor
孙吉平
张伟双
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Senseshield Technology Co Ltd
Original Assignee
Beijing Senseshield Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Senseshield Technology Co Ltd filed Critical Beijing Senseshield Technology Co Ltd
Priority to CN201710917542.9A priority Critical patent/CN107609359B/en
Publication of CN107609359A publication Critical patent/CN107609359A/en
Application granted granted Critical
Publication of CN107609359B publication Critical patent/CN107609359B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

Present disclose provides a kind of methods for protecting software; it wherein uses and protected software is protected with the security component of protected software binding; the described method includes: the detection of respective type feature is carried out to protected software according to the characteristic type for the industrial characteristic data being stored in industrial characteristic database corresponding with the protected software during protected software operation;When detecting feature corresponding with the characteristic type in the protected software, predetermined measures are taken to the protected software.It additionally provides a kind of for protecting the security component of software.Method and security component of the invention can carry out depth customized treatment to development using industrial characteristic database and depth is protected.

Description

For protecting the method and system of software
Technical field
The present invention relates to field of software protection, more particularly, to protect the method and system of software.
Background technique
After software developer issues software, often perplexed by problem of piracy.Software piracy refers to be agreed to without owner In the case where, the behavior that its software is replicated, is distributed, and with infringing products made of this behavior.
In terms of software piracy, bootlegger usually carries out the mode such as increasing appended document and be used as pirate patch to software Processing use the function of the software to allow consumer to avoid the relevant verifying of software owner, it is usually pirate soft Part can not provide legal document of title (rights certificate), can not provide after-sale service for user, however consumer is due to stealing Version software cheap is freely also intended to using piracy software.
Since the software product iteration of present society itself is very fast, if software developer takes judicial means to solve to steal Version problem, not only right-safeguarding is at high cost, and poor in timeliness.Thus whenever encountering piracy, software developer's common method is oneself A large amount of human and material resources and time are spent to analyze the problem of piracy collected on the market, customizes corresponding encipherment scheme, Issue software again again to solve problem of piracy.The shortcomings that carrying out processing software problem of piracy by this method is following Aspect:
1. increasing the development cost of software developer, and special messenger is needed to handle corresponding work, therefore whole Right-safeguarding cost increase;
2. common software is opened since the logic of above-mentioned safety-related processing method and software itself does not have much relations Hair quotient is usual and is bad at, unable to do what one wishes in processing, cannot reach the desired effect for guaranteeing that software ownership is inviolable;
3, it whenever encountering piracy, needs to issue the version of software again, it is more passive to handle this problem;
The antivirus software of current each software developer's exploitation, can be directed to all target softwares on terminal device and work as The preceding viral trojan horse detection of prevalence and killing on the market, realize the protection to target software, but protect plan to a certain extent It is slightly relatively single.
Summary of the invention
An object of the present invention, which is to provide, to be carried out at depth customization development using industrial characteristic database The method and system of reason and depth protection.
According to an aspect of the present invention, a kind of method for protecting software is provided, is bound using with protected software Security component protected software is protected, this method comprises: during protected software operation, according to being stored in and quilt The characteristic type of the industrial characteristic data in the corresponding industrial characteristic database of software is protected to carry out respective class to protected software The detection of type feature;When detecting feature corresponding with characteristic type in protected software, to protected software Take predetermined measures.
In one embodiment, detection type includes the detection of pirate patch feature and/or cracks analysis tool feature Detection.
In one embodiment, industrial characteristic data include industry ID, characteristic type and feature.
In one embodiment, industrial characteristic database is hierarchical structure, and the first level in hierarchical structure includes described Feature, the second level include the feature of profession identity, detection type and each detection type and first level The mapping relations of content.
In one embodiment, industrial characteristic database is hierarchical structure, and the first level in hierarchical structure includes described Feature, the second level include the feature of feature combination mark and each the feature combination and first level Mapping relations, third level include the spy in profession identity, detection type and each detection type and first level Levy the mapping relations of the feature combination mark in content and/or the second level.
In one embodiment, according to the characteristic type for the industrial characteristic data being stored in industrial characteristic database to quilt The detection that protection software carries out respective type feature includes according to the industrial characteristic number being stored in industrial characteristic database According to feature combination to protected software carry out respective type feature detection.
In one embodiment, industrial characteristic data include memory features data, window name characteristic, process feature Data.
In one embodiment, industrial characteristic database is obtained from server-side.
According to another aspect of the present invention, a kind of system for protecting software is provided, which includes security component, The security component is bound with protected software to protect to it, which includes: detection unit, is configured as During protected software is run, according to the industrial characteristic data being stored in industrial characteristic database corresponding with protected software Characteristic type to protected software carry out respective type feature detection;Processing unit is configured as being protected When detecting feature corresponding with characteristic type in software, predetermined measures are taken to protected software.
In one embodiment, detection type includes the detection of pirate patch feature and/or cracks analysis tool feature Detection.
In one embodiment, industrial characteristic data include industry ID, characteristic type and feature.
In one embodiment, industrial characteristic database is hierarchical structure, and the first level in hierarchical structure includes described Feature, the second level include the feature of profession identity, detection type and each detection type and first level The mapping relations of content.
In one embodiment, industrial characteristic database is hierarchical structure, and the first level in hierarchical structure includes described Feature, the second level include the feature of feature combination mark and each the feature combination and first level Mapping relations, third level include the spy in profession identity, detection type and each detection type and first level Levy the mapping relations of the feature combination mark in content and/or the second level.
In one embodiment, processing unit is additionally configured to according to the industrial characteristic being stored in industrial characteristic database The feature combination of data carries out the detection of respective type feature to protected software.
In one embodiment, industrial characteristic data include memory features data, window name characteristic, process feature Data.
In one embodiment, industrial characteristic database is obtained from server-side.
According to the method for the present invention and security component, it the pirate patch feature for different industries software and/or cracks point Tool characteristics are analysed, different types of detection is carried out to the target software of different industries, can accomplish to shoot the arrow at the target, improve detection Depth and efficiency, to realize the customized treatment for carrying out depth to different industries software.
The present invention is solved the problems, such as to there is no the customized treatment and protection for carrying out depth for development at present, be realized More targeted protection is carried out to development, to reduce the problem of piracy of development.
Detailed description of the invention
Embodiment of the disclosure is illustrated in an illustrative manner in conjunction with attached drawing, and attached drawing is a part of this specification. Attached drawing should understand by way of example and not limitation, in which:
Fig. 1 is the flow chart according to one embodiment of the method for software protection of the disclosure;
Fig. 2 is the block diagram according to one embodiment of the security component for protecting software of the disclosure;
Fig. 3 is the schematic diagram according to one embodiment of the system architecture for protecting software of the disclosure;
Fig. 4 is the schematic diagram for illustrating the hierarchical structure in industrial characteristic library according to an embodiment of the present disclosure.
Fig. 5 is the signal for illustrating the hierarchical structure of industrial characteristic database according to another embodiment of the present disclosure Figure.
Specific embodiment
As shown in Figure 1 for according to the flow chart of one embodiment of the method for software protection of the disclosure, this method It is main that protected software is protected using the security component bound with protected software, that is, so-called in the present invention to be protected Shield software is to bind the target software for having security component, especially development.
It is illustrated as shown in connection with fig. 3, Fig. 3 is an implementation according to the system architecture for protecting software of the disclosure The schematic diagram of example, wherein security component is referred to as engine of cracking down upon evil forces, and the binding of protected software and security component can be managed Solution for by the two function binding, thus when user uses or runs protected software must operational safety component simultaneously, and It is also to be understood that " interface " of the protected software using security component as communication with the outside world, so that pirated disc copier can not be by secure group The function that part is separated from protected software without influencing protected software.Security component can use the secure data that dynamic updates Target software is detected in library, and hereinafter also referred to as safety database is industrial characteristic database or industrial characteristic library.According to The embodiment of the present invention may include and the affiliated industry of protected software (such as A industry, B industry, C industry in safety database Deng) the corresponding industrial characteristic data of software.Specifically, industrial characteristic data may include industry ID, characteristic type and spy Content is levied, wherein feature may include pirate patch feature and/or crack analysis tool feature.In addition, characteristic type can To be selected from including memory features data, window name characteristic, the group of process characteristic.
Then, as shown in Figure 1, according to one embodiment of the disclosure, method for protecting software of the invention includes following step It is rapid: in frame S102, during protected software operation, according to being stored in industrial characteristic database corresponding with protected software In industrial characteristic data characteristic type to protected software carry out respective type feature detection;In frame S104, When detecting feature corresponding with characteristic type in protected software, predetermined measures are taken to protected software.This is pre- Setting down measures may include that the software is forbidden to run, and issue prompting message in client, sending notice informing to software developer should Event, etc..
According to one embodiment of the disclosure, the framework of security system for software is specifically illustrated in Fig. 4.This of the invention is soft It may include security component that part, which protects system,.Fig. 2 is an implementation according to the security component for protecting software of the disclosure The block diagram of example.According to one embodiment, as shown in Fig. 2, security component 20 may include detection unit 21 and processing unit 22.It should Detection unit 21 can be configured as during protected software operation, special according to industry corresponding with protected software is stored in The characteristic type for levying the industrial characteristic data in database carries out the detection of respective type feature to protected software.Processing Unit 22 can be configured as when detecting feature corresponding with characteristic type in protected software, to protected software Take predetermined measures.The predetermined measures may include disable the software, in security component to the event recorded so as into Row statistics and analysis issues prompting message in client, sends notice to software developer and inform the event, etc..
In one embodiment, safety database or industrial characteristic library can store in client for security component or crack down upon evil forces Use when engine 20 is detected or handled, such client with server-side without keeping connecting always.In another embodiment, Safety database or industrial characteristic library can be not stored in client, but pass through security component or engine 20 of cracking down upon evil forces is from server-side It obtains, in this case, client needs to keep connecting with server-side always, can contribute to prevent safety database or row Industry feature database is stolen by Malware etc., so as to improve software security.
Fig. 3 is the schematic diagram according to one embodiment of the system architecture for protecting software of the disclosure.Such as Fig. 3 institute Show, server-side stores the feature database of the different industries such as A industrial characteristic library, B industrial characteristic library and C industrial characteristic library, and industry is soft The quantity of part is not limited to three, can be any amount, and correspondingly, the quantity in industrial characteristic library and the quantity of development are opposite It answers, can equally there is any number of industrial characteristic library.These industrial characteristic libraries are defined to be run in corresponding development When need the running environment that detects, and the behavior for needing to monitor.
In one embodiment, crack down upon evil forces engine or the security component 20 of security system for software can be located at client, safety Component 20 can communicate connection with server end to realize that the retrieval to industrial characteristic database, calling etc. operate.In operation, Security component 20 can obtain corresponding property data base, while the secure group from server-side according to the category of employment of Current software Part 20 can carry out different detection operations, such as memory inspection, debugger inspection, according to the behavior of definition according to feature Carry out behavior inspection etc..DB shown in Fig. 3 (A), DB (B) and DB (C) are respectively that engine 20 of cracking down upon evil forces is got from server-side Corresponding A industry, B industry and C industry different industrial characteristic databases.
According to preferred embodiment of the present disclosure, cracks down upon evil forces engine or security component 20 can use software to realize, that is, pass through It is realized with instructing the executable program realized.In addition, in a further embodiment, security component 20 also can be implemented as hardware Or firmware.In other words, the implementation of security component 20 is unrestricted.
According to one embodiment of present invention, it cracks down upon evil forces engine, i.e. security component 20, may include safety database, the peace Full database, which can be obtain in advance from the server-side or safety database, can be security component or corresponding software certainly Band, in use database update can be obtained from server-side.
Fig. 4 is the schematic diagram for illustrating the hierarchical structure in industrial characteristic library according to an embodiment of the present disclosure.It ties below Fig. 4 is closed to be illustrated the hierarchical structure in industrial characteristic library according to an embodiment of the present disclosure.
According to one embodiment of the disclosure, the industrial characteristic database of server-side can use level as shown in Figure 4 Structure stores industry characteristic.Specifically, the lowest hierarchical level (the first level) in database stores each characteristic, The characteristic of the feature A/B ... N of first level as shown in Figure 4, lowest hierarchical level can be divided into multiple types, such as memory spy Levy data, window name characteristic, process characteristic etc..In addition, may include in characteristic in industry ID and feature Hold, when being detected in this way to the software of some development such as industry 1 to industry n, with quick-searching and can obtain and the row The corresponding characteristic of industry software part, and then convenient for carrying out the detection of respective type feature to protected software.In the second layer In grade, the combination of each characteristic, such as AX shown in Fig. 4, AY, XN, YN can store, wherein the combination can be The combination of at least two characteristics of same type is also possible to the combination of different types of at least two characteristic.
In one embodiment, characteristic corresponding to different industries and/or spy also be can store in the first level The combination of data is levied, for example, for the software in industry 1, corresponding A, B and XN assemblage characteristic, that is, to soft in industry 1 When part is protected, determine whether corresponding software is piracy software by detection A, B and XN assemblage characteristic.
It is stored in bottom a plurality of according to one embodiment in the case where storage tier structure includes three levels Characteristic, this feature data may include industry ID, characteristic type and feature, middle layer be characterized rule (i.e. two kinds or The combination of more kinds of characteristics), upper layer is industry, only includes industry ID corresponding with bottom in the upper layer, passes through industry ID Each feature of bottom is associated with the characterization rules in middle layer, and is got up indirectly with business association identical in upper layer;It is depositing The storage stage, whenever extracting characteristic type and feature for certain industry, then the industry ID that is assigned according to the sector It, can when updating the characteristic type and feature of certain industry by the characteristic type of extraction and feature storage into bottom With the content update that will be updated according to industry ID to having in the mutually characteristic of same industry ID, thus to the data in bottom It is updated and upgrades.Then, this feature type and feature are associated with by its industry ID with the characterization rules in middle layer, and Identical industry ID is associated with upper layer indirectly, so that the data in data bottom storehouse layer are updated and be upgraded;It is adjusting With the stage, corresponding rule therefrom layer choosing can be taken by industry ID, then transfer the characteristic type of mutually same industry ID from bottom And feature.The framework clear logic of this memory mechanism, data-reusing is strong, convenient for operations such as statistics, management and upgradings.
Although Fig. 4 shows that the hierarchical structure of industrial characteristic database includes three-level, in accordance with an embodiment of the present disclosure Industrial characteristic database can also be using only being stored including the hierarchical structures of two levels to industrial characteristic data.
In the case where only there are two level, a plurality of feature (including industry ID, characteristic type and spy are stored in bottom Levy content), it only includes industry ID corresponding with bottom in the upper layer that upper layer, which is industry, by industry ID by each of bottom Feature is got up with business association identical in upper layer;In memory phase, characteristic type and feature are extracted whenever being directed to certain industry When content, then the industry ID being assigned according to the sector stores the characteristic type extracted and feature into bottom, Then this feature type and feature are associated by the identical industry ID on its industry ID and upper layer, are updating certain row It, can be according to the content update that industry ID will update to the spy with the mutually same industry ID when characteristic type and feature of industry It levies in data, so that the data in bottom are updated and be upgraded;In the stage of calling, can be adjusted from bottom by industry ID Take the characteristic type and feature of mutually same industry ID.This memory mechanism logic is simple, and framework is convenient.
According to one embodiment, in the case where storage tier structure includes three levels, software protection side of the invention Method carries out phase to protected software according to the combination of the characteristic type for the industrial characteristic data being stored in industrial characteristic database Answer the detection of type feature content.When detecting feature corresponding with the characteristic type in the protected software, Predetermined measures are taken to the protected software.
In one embodiment, industrial characteristic data may include memory features data, window name characteristic, process Characteristic.
According to one embodiment of the disclosure, industrial characteristic database can be hierarchical structure, first in hierarchical structure Level may include feature, and the second level may include profession identity, detection type and each detection type and first layer The mapping relations of the feature of grade.
In accordance with an embodiment of the present disclosure, detection type include the detection of pirate patch feature and/or crack analysis tool spy The detection of sign.
According to another embodiment of the present disclosure, industrial characteristic database can be hierarchical structure, the in hierarchical structure One level may include feature, and the second level may include feature combination mark and the combination of each feature and the first level The mapping relations of feature, third level may include profession identity, detection type and each detection type and the first level In feature and/or the second level in feature combination mark mapping relations.
In one embodiment, processing unit 22 can be additionally configured to according to the row being stored in industrial characteristic database The feature combination of industry characteristic carries out the detection of respective type feature to protected software.
Fig. 5 is the signal for illustrating the hierarchical structure of industrial characteristic database according to another embodiment of the present disclosure Figure.In the following, being carried out with reference to hierarchical structure of the Fig. 5 to industrial characteristic database according to another embodiment of the present disclosure more detailed Explanation.
From figure 5 it can be seen that industrial characteristic database may include as the data Layer of the first level, as the second layer The combination layer and industry layer as third level of grade.
In the data Layer as the first level, the 0n and 11 as shown in figure 5,01,02,03,04,05 ..., 12,13,14, 15 ... 1n etc. can indicate feature, wherein number can reflect data type, for example, can indicate interior with 0 beginning Deposit characteristic, and with 1 open can indicate window feature data.
In the industry layer as third level, alphabetical A, B etc. can represent profession identity, can there is needle in the level To the feature of A industry, B industry etc..For example, as shown in figure 5, for A industry, wherein feature A101 [11, 001] in, A1 can indicate the pirate patch feature in A industry, and in feature A201 [24,001] wherein, A2 can indicate A Analysis tool feature, such as malice analysis tool feature are cracked in industry.
In the combination layer as the second level, for example, 001 shown in Fig. 5 [01,12] indicate the combination of each feature with The mapping relations of the feature of first level, wherein 001 expression feature combination mark, the e.g. number of assemblage characteristic, 13 Or 21 represent characteristic number.
The storage, update, upgrading of industrial characteristic database and calling are said above according to this embodiment Bright, details are not described herein.
According to this embodiment, it can use the storage that data Layer, industry layer and combination layer realize industrial characteristic data, in turn Cracking down upon evil forces engine 20 and realize retrieval and calling to industrial characteristic data by the security system for software, to realize to industry The deep layer of software customizes protection.
It can not also include being used as the second layer in industrial characteristic database as shown in Figure 5 according to other embodiment The combination layer of grade.In such instances, the storage of industrial characteristic data is realized merely with data Layer and industry layer, and then by being somebody's turn to do Security system for software cracks down upon evil forces engine 20 to realize retrieval and calling to industrial characteristic data, to realize to development Deep layer customization protection.
Although described above is the embodiment that hierarchical structure includes three levels and two levels, those skilled in the art exist After understanding the content of the embodiment of the present disclosure, also it is contemplated that hierarchical structure includes more than three level, for example, level Four, Pyatyi etc., These modifications and variations examples are within the scope of this disclosure.
According to one embodiment, in the case where storage tier structure includes three levels, the safety of security system for software The processing unit 22 of component 20 can be additionally configured to the spy according to the industrial characteristic data being stored in industrial characteristic database The combination for levying type carries out the detection of respective type feature to protected software.Detected in the protected software with When the corresponding feature of the characteristic type, processing unit can be configured to take predetermined measures to the protected software.
According to the combination of the characteristic type for the industrial characteristic data being stored in industrial characteristic database to protected software The detection for carrying out respective type feature can be improved the efficiency that data are retrieved from industrial characteristic database, improve secure group Whether part inspection software improves the efficiency and validity of protection software by pirate efficiency.
Mention in the description " one embodiment ", " preferred embodiment ", " embodiment " and " each embodiment " mean with Specific feature, structure, characteristic or the function that the embodiment combines description are included at least one embodiment of the disclosure And it may be embodied in more than one embodiment.Moreover, specification occur everywhere above-mentioned wording be not necessarily all referring to it is same Embodiment.
It, can be without departing from the scope of the invention to disclosed reality other than content described herein Example is applied to carry out various modifications.Therefore, explanation and example here is interpreted as illustrative rather than restrictive.Of the invention Spirit and scope should be limited solely by reference to claim and its equivalent.

Claims (22)

1. a kind of method for protecting software, which is characterized in that using the security component bound with protected software to being protected Shield software is protected, which comprises
During protected software operation, according to the row being stored in industrial characteristic database corresponding with the protected software The characteristic type of industry characteristic carries out the detection of respective type feature to protected software;
When detecting feature corresponding with the characteristic type in the protected software, the protected software is adopted Take predetermined measures,
Wherein, the industrial characteristic database is hierarchical structure, and the first level in the hierarchical structure includes in the feature Hold, the second level includes the feature of profession identity, detection type and each detection type and first level Mapping relations.
2. according to the method described in claim 1, wherein, detection type includes: the detection of pirate patch feature and/or cracks point Analyse the detection of tool characteristics.
3. according to the method described in claim 1, wherein, the industrial characteristic data include industry ID, the characteristic type and The feature.
4. according to the method described in claim 1, wherein, the industrial characteristic data include memory features data, window name Characteristic, process characteristic.
5. according to the method described in claim 1, wherein, the industrial characteristic database is obtained from server-side.
6. a kind of method for protecting software, which is characterized in that using the security component bound with protected software to being protected Shield software is protected, which comprises
During protected software operation, according to the row being stored in industrial characteristic database corresponding with the protected software The characteristic type of industry characteristic carries out the detection of respective type feature to protected software;
When detecting feature corresponding with the characteristic type in the protected software, the protected software is adopted Take predetermined measures,
Wherein, the industrial characteristic database is hierarchical structure, and the first level in the hierarchical structure includes in the feature Hold, the second level includes that feature combination mark and each feature combination and the mapping of the feature of first level are closed System, third level include the feature in profession identity, detection type and each detection type and first level And/or the mapping relations of the second feature combination mark in level.
7. according to the method described in claim 6, wherein, detection type includes: the detection of pirate patch feature and/or cracks point Analyse the detection of tool characteristics.
8. according to the method described in claim 6, wherein, the industrial characteristic data include industry ID, the characteristic type and The feature.
9. according to the method described in claim 6, according to the feature for the industrial characteristic data being stored in industrial characteristic database The detection that type carries out respective type feature to protected software includes according to the row being stored in industrial characteristic database The feature combination of industry characteristic carries out the detection of respective type feature to protected software.
10. according to the method described in claim 6, wherein, the industrial characteristic data include memory features data, window name Characteristic, process characteristic.
11. according to the method described in claim 6, wherein, the industrial characteristic database is obtained from server-side.
12. a kind of system for protecting software, which is characterized in that the system comprises security component, the security component with Protected software is bound to protect to the protected software, and the security component includes:
Detection unit is configured as during protected software is run, corresponding with the protected software according to being stored in The characteristic type of industrial characteristic data in industrial characteristic database carries out the inspection of respective type feature to protected software It surveys;
Processing unit is configured as detecting feature corresponding with the characteristic type in the protected software When, predetermined measures are taken to the protected software,
Wherein, the industrial characteristic database is hierarchical structure, and the first level in the hierarchical structure includes in the feature Hold, the second level includes the feature of profession identity, detection type and each detection type and first level Mapping relations.
13. system according to claim 12, wherein detection type includes: the detection of pirate patch feature and/or cracks The detection of analysis tool feature.
14. system according to claim 12, wherein the industrial characteristic data include industry ID, the characteristic type With the feature.
15. system according to claim 12, wherein the industrial characteristic data include memory features data, window name Claim characteristic, process characteristic.
16. system according to claim 12, wherein the industrial characteristic database is obtained from server-side.
17. a kind of system for protecting software, which is characterized in that the system comprises security component, the security component with Protected software is bound to protect to the protected software, and the security component includes:
Detection unit is configured as during protected software is run, corresponding with the protected software according to being stored in The characteristic type of industrial characteristic data in industrial characteristic database carries out the inspection of respective type feature to protected software It surveys;
Processing unit is configured as detecting feature corresponding with the characteristic type in the protected software When, predetermined measures are taken to the protected software,
Wherein, the industrial characteristic database is hierarchical structure, and the first level in the hierarchical structure includes in the feature Hold, the second level includes that feature combination mark and each feature combination and the mapping of the feature of first level are closed System, third level include the feature in profession identity, detection type and each detection type and first level And/or the mapping relations of the second feature combination mark in level.
18. system according to claim 17, wherein detection type includes: the detection of pirate patch feature and/or cracks The detection of analysis tool feature.
19. system according to claim 17, wherein the industrial characteristic data include industry ID, the characteristic type With the feature.
20. system according to claim 17, wherein the processing unit is additionally configured to basis and is stored in industrial characteristic The feature combination of industrial characteristic data in database carries out the detection of respective type feature to protected software.
21. system according to claim 17, wherein the industrial characteristic data include memory features data, window name Claim characteristic, process characteristic.
22. system according to claim 17, wherein the industrial characteristic database is obtained from server-side.
CN201710917542.9A 2017-09-30 2017-09-30 For protecting the method and system of software Active CN107609359B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710917542.9A CN107609359B (en) 2017-09-30 2017-09-30 For protecting the method and system of software

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710917542.9A CN107609359B (en) 2017-09-30 2017-09-30 For protecting the method and system of software

Publications (2)

Publication Number Publication Date
CN107609359A CN107609359A (en) 2018-01-19
CN107609359B true CN107609359B (en) 2019-05-03

Family

ID=61068425

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710917542.9A Active CN107609359B (en) 2017-09-30 2017-09-30 For protecting the method and system of software

Country Status (1)

Country Link
CN (1) CN107609359B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107038562A (en) 2017-03-13 2017-08-11 阿里巴巴集团控股有限公司 Method of payment, charge system and the payment system of traffic block meter rate

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102855439A (en) * 2012-07-26 2013-01-02 深圳市赛格导航科技股份有限公司 Executable file self-checking method and device
CN103164642A (en) * 2011-12-19 2013-06-19 比亚迪股份有限公司 Method and system for preventing software piracy
CN104063664A (en) * 2014-06-26 2014-09-24 北京奇虎科技有限公司 Software installation package security detection method, software installation package security detection client, software installation package security detection server and software installation package security detection system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1972292B (en) * 2005-10-17 2012-09-26 飞塔公司 Systems and methods for processing electronic data
US8037506B2 (en) * 2006-03-03 2011-10-11 Verimatrix, Inc. Movie studio-based network distribution system and method
CN102592103B (en) * 2011-01-17 2015-04-08 中国电信股份有限公司 Secure file processing method, equipment and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103164642A (en) * 2011-12-19 2013-06-19 比亚迪股份有限公司 Method and system for preventing software piracy
CN102855439A (en) * 2012-07-26 2013-01-02 深圳市赛格导航科技股份有限公司 Executable file self-checking method and device
CN104063664A (en) * 2014-06-26 2014-09-24 北京奇虎科技有限公司 Software installation package security detection method, software installation package security detection client, software installation package security detection server and software installation package security detection system

Also Published As

Publication number Publication date
CN107609359A (en) 2018-01-19

Similar Documents

Publication Publication Date Title
CN102176224B (en) Methods and apparatus for dealing with malware
JP6522707B2 (en) Method and apparatus for coping with malware
Caballero et al. Measuring {Pay-per-Install}: The commoditization of malware distribution
US20190081983A1 (en) Secure firewall configurations
CN1773417B (en) System and method of aggregating the knowledge base of antivirus software applications
US9183377B1 (en) Unauthorized account monitoring system and method
CN104318135B (en) A kind of Java code Safety actuality loading method based on credible performing environment
CN109923548A (en) Method, system and the computer program product that encryption data realizes data protection are accessed by supervisory process
EP2323061A2 (en) Software signature tracking
CN106257481A (en) For recovering the system and method for the data of amendment
CN105408911A (en) Hardware and software execution profiling
CN107766728A (en) Mobile application security managing device, method and mobile operation safety protection system
CN101414327B (en) Method for file protection
US20220360594A1 (en) Mitigating threats associated with tampering attempts
CN103473501B (en) A kind of Malware method for tracing based on cloud security
CN104573515A (en) Virus processing method, device and system
CN103679039B (en) Secure storage method of data and device
US20090328210A1 (en) Chain of events tracking with data tainting for automated security feedback
Cai et al. Inferring the detection logic and evaluating the effectiveness of android anti-virus apps
CN109815701A (en) Detection method, client, system and the storage medium of software security
CN107609359B (en) For protecting the method and system of software
Huang et al. A large-scale study of android malware development phenomenon on public malware submission and scanning platform
Weiss et al. On threat analysis and risk estimation of automotive ransomware
Egners et al. Hackers in your pocket: A survey of smartphone security across platforms
CN103034806B (en) Process method and the terminal of operation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing

Patentee after: Beijing Shendun Technology Co.,Ltd.

Address before: 100193 5th floor 510, No. 5 Building, East Yard, No. 10 Wangdong Road, Northwest Haidian District, Beijing

Patentee before: BEIJING SENSESHIELD TECHNOLOGY Co.,Ltd.